Another lil critter to be careful of. It is a mass mailing virus.
SoBig Virus
-
RE: SoBig Virus
It's not JUST a mass mailer
This article:
contains what we knew was coming from the spammers:
"The sole purpose of this virus is to generate a number of insecure computers
that can be taken control of at will and used to distribute spam, porn, or host
Web sites," Wood said.
=============================================================
"As well as plundering Microsoft Outlook address books for new victims,
Sobig F also attempts to implant a background program that turns
infected machines into a relay for any messages sent by the virus's
creator."
"Mikko Hypponen, manager of anti-virus firm F-Secure, said Sobig F had
been written by a spammer looking for ways to get past spam filters."
=============================================================
For those who are not aware, the SoBig variants were all written for the
purpose of creating spam zombies.
Every variant is morphing the ports used by the spammer to relay off of the
zombies. The SoBig.F variant of the last few days is probably in response to
the MSBlaster cleanup, removing a good chunk of their previously infected
machines.
A good detailed analysis is here: (covers up to SoBig.e)
sobig%2De.html make sure to visit the links to previous writeups.
Derek
-
RE: SoBig Virus
As I said before, Mods, important events like these should be posted in the most read section of the Forum to make sure that as many as possible get the message! ;-)
O t t o
Web site: www.otto-wipfel.co.uk
-
RE: SoBig Virus
OK this is it, just being a malicious SOB with too much time on one's hands is one thing (though still worthy of horsewhipping) but these spamming Aholes have used up the last bit of patience anyone should afford them.
Can we now resort to some of the medieval torture methods for any spammer caught originating this virus?
-
RE: SoBig Virus
Something I cannot for the life of me understand is why people do not take precautions and stop these things dead in their tracks. Do they not care or possibly not read widely distributed instructions on how to prevent the spreading of E-Mail viruses?
DO NOT OPEN AN ATTACHMENT!!!!
That thing has hit my mail box 3 times in the last two days and I just click it off, delete and go on about my business.
As said in a previous thread I do not under any circumstances keep addresses in my email address folder nor am I even able to open an attachment when received. Ain't nobody gonna accuse me of having a hand in helping spread the virus. Even if I could open an attachment I would not even open one from somebody I know. In many cases somebody you know and trust is unknowingly spreading the virus.
An anti-virus program is necessary of course, but common sense is just as effective in combating a virus. The other alternative is to use a web based E-Mail program, but I like OE and refuse to give in to those that want to create havoc with a virus.
Just my inflated nickel's worth.
Ken B.
-
RE: SoBig Virus
This today from the Reuters News Agency:
New virus spreads faster than ever
A new computer virus that spreads via email, Sobig.F, is the fastest-growing infection recorded, according to security group MessageLabs.
MessageLabs, a British-based Internet security firm, says SoBig has affected one in 17 emails sent around the world since Monday.
MessageLabs chief information analyst Paul Wood says it is feared the virus could increase global email traffic by as much as 60 per cent, slowing the Internet to a crawl.
"It's unprecedented in our history. We stopped over 1 million [infections] in the first day," he said.
"It's a pretty frightening statistic. And the next incarnation could be even worse."
In a statement, MessageLabs added: "This makes Sobig.F the fastest-growing virus ever, surpassing the infamous LoveBug, Klez and Kournikova viruses."
"All initial copies originated from the United States, where the virus is currently most prevalent."
Sophisticated
The Sobig.F virus, first detected on Monday, is the sixth and most sophisticated variant of a mass emailing virus that can spoof the sender's address, MessageLabs says.
The virus fools the user into believing the email is from a legitimate source and then opening the email.
The email often contains the header: "Subject: Re:details" and the text "Please see the attached file for details".
Attachment names include: your-document.pif, details.pif, your-details.pif, thank-you.pif, movie0045.pif, document-Fall.pif, application.pif, docment-9446.pif, MessageLabs said.
Once the file is opened, Sobig.F scours the computer for email addresses, checking in Word documents, Internet logs and email inboxes.
It then sends scores of messages to the addresses it has collected.
Since the first variant of the SoBig virus was released in January, MessageLabs said it had intercepted 3 million copies.
Once the virus infects a machine it attempts to connect to a website to download a backdoor "Trojan", leaving the computer vulnerable to security breaches by hackers or other viruses, MessageLabs chief technology officer Mark Sunner said.
The virus is expected to be widespread for the next few weeks, Sunner says, but it is set to deactivate on September 10, halting further propagation.
"The Sobig virus writer's use of an inbuilt expiry date indicates that he is committed to inventing new and improved versions," Mr Sunner said.
"Each variant released so far has exceeded the previous one in growth and impact during the critical initial window of vulnerability."
-- AFP and Reuters
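A mail-filter check built from the indicators quoted in the article above, as an added example that is not part of the original thread. It goes slightly beyond the quoted list by also flagging any other `.pif` attachment (an executable Windows file type), and it ignores the From header because the sender is spoofed; the function names and sample addresses are assumptions made for illustration.

```python
import email
from email import policy
from email.message import EmailMessage

# Indicators quoted in the article above (attachment names stored lower-case).
SOBIG_F_SUBJECT = "Re:details"
SOBIG_F_BODY = "Please see the attached file for details"
SOBIG_F_ATTACHMENTS = {
    "your-document.pif", "details.pif", "your-details.pif", "thank-you.pif",
    "movie0045.pif", "document-fall.pif", "application.pif", "docment-9446.pif",
}

def _norm(text):
    """Lower-case and drop whitespace so 'Re: Details' matches 'Re:details'."""
    return "".join((text or "").lower().split())

def score_message(raw_bytes):
    """Return (score, reasons) for one raw message; From is never consulted."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    reasons = []
    if _norm(msg["Subject"]) == _norm(SOBIG_F_SUBJECT):
        reasons.append("subject")
    body = msg.get_body(preferencelist=("plain",))
    if body is not None and _norm(SOBIG_F_BODY) in _norm(body.get_content()):
        reasons.append("body")
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").strip().lower()
        if name in SOBIG_F_ATTACHMENTS:
            reasons.append("known-name:" + name)
        elif name.endswith(".pif"):  # assumption: treat every .pif as suspect
            reasons.append("pif-extension:" + name)
    return len(reasons), reasons

def build_sample(subject, text, attachment_name=None):
    """Constructed sample message; the attachment is harmless placeholder bytes."""
    m = EmailMessage()
    m["From"] = "friend@example.com"  # constructed; a familiar name proves nothing
    m["To"] = "user@example.com"
    m["Subject"] = subject
    m.set_content(text)
    if attachment_name:
        m.add_attachment(b"placeholder", maintype="application",
                         subtype="octet-stream", filename=attachment_name)
    return m.as_bytes()

if __name__ == "__main__":
    print(score_message(build_sample(
        "Re: Details", "Please see the attached file for details.", "details.pif")))
```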
-
dgauci
RE: SoBig Virus
I've been receiving between 60-100 emails a day containing this virus. My Norton Anti-Virus has caught and deleted each one, but it is still a nuisance opening my inbox and having 30 more virus-laden messages every couple of hours.
-
dgauci
RE: SoBig Virus
> Well just one way to stop it from your computer is if you
> don't know the sender DELETE IT WITHOUT OPENING IT. That's
> just for starters
The problem with this virus is it spoofs the sender's name, so it may appear to be coming from someone you do know. The only reliable defense is a good Anti-Virus package.
-
RE: SoBig Virus
One way you can stay safe is to use an internet mail system such as Juno, Hotmail, Yahoo, etc, even AOL has internet webmail. This way, your email stays on their server, their virus scan (which is constantly updated and maintained on a corporate level), and you're not bringing anything into your computer each time you read an email. I have yet to be hit with a virus in all my years on the internet.